﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebFrontEnd
{
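    /// <summary>
    /// Impersonation page: lets an administrator sign in as the non-admin user
    /// identified by the <c>id</c> query-string parameter.
    /// </summary>
    /// <remarks>
    /// Security notes for reviewers:
    /// <list type="bullet">
    /// <item>The identity switch runs on page load from a query-string value, with no
    /// postback or anti-forgery check in this class. NOTE(review): unless PageBase
    /// enforces one, consider requiring a POST with an anti-forgery token for this
    /// state-changing action.</item>
    /// <item>Nothing in this class records who impersonated whom. NOTE(review): an audit
    /// entry (administrator ID, target ID, time) written before the switch would make
    /// impersonated sessions attributable.</item>
    /// <item>The administrator's ticket is dropped by <c>SignOut</c>, so the resulting
    /// session carries no marker that it is impersonated.</item>
    /// </list>
    /// </remarks>
    public partial class LoginAs : PageBase
    {
        /// <summary>
        /// Authorizes the caller, resolves the target user and, if every check passes,
        /// replaces the caller's forms-authentication ticket with one for the target.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Server.Transfer and Response.Redirect normally end the request by aborting
            // the thread. The explicit returns below keep every rejection path fail-closed
            // without depending on that side effect.
            // NOTE(review): assumes GetCurrentUser() never returns null here, presumably
            // because PageBase requires authentication; confirm.
            var currentUser = GetCurrentUser();
            if (currentUser.Role != BusinessLayer.BLServerReference.Role.Admin)
            {
                TransferToErrorPage(403, "ErrorPages/403.aspx");
                return;
            }

            int id;
            if (!int.TryParse(Request.QueryString["id"], out id))
            {
                TransferToErrorPage(404, "ErrorPages/404.aspx");
                return;
            }

            var user = BL.GetUserByID(id);

            // The null check must come before any member access on the looked-up user:
            // previously an unknown id hit user.ID first and failed with a
            // NullReferenceException instead of the intended 404.
            if (user == null)
            {
                TransferToErrorPage(404, "ErrorPages/404.aspx");
                return;
            }

            // Impersonating yourself is a no-op; checked before the admin rule so an
            // administrator targeting their own id still lands on the default page.
            if (user.ID == currentUser.ID)
            {
                Response.Redirect("Default.aspx");
                return;
            }

            // Administrators can never be impersonated. The 404 response matches the
            // response for an unknown id.
            if (user.Role == BusinessLayer.BLServerReference.Role.Admin)
            {
                TransferToErrorPage(404, "ErrorPages/404.aspx");
                return;
            }

            // Drop the administrator's ticket, then issue a non-persistent ticket for the target.
            FormsAuthentication.SignOut();
            FormsAuthentication.RedirectFromLoginPage(user.Email, false);
        }

        /// <summary>
        /// Clears buffered output, sets the HTTP status code and transfers to an error page.
        /// </summary>
        /// <param name="statusCode">HTTP status code to set on the response.</param>
        /// <param name="errorPage">Path of the error page to transfer to.</param>
        private void TransferToErrorPage(int statusCode, string errorPage)
        {
            Response.Clear();
            Response.StatusCode = statusCode;
            Server.Transfer(errorPage);
        }
    }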
}